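Gate News, March 22: According to a SecureList disclosure, attackers have recently been running an Android malware campaign in Brazil using phishing pages that imitate the Google Play store. All known victims so far are located in Brazil.
The attackers built phishing sites that closely resemble Google Play and lure users into downloading a fake app named "INSS Reembolso". Once installed, the app releases its hidden malicious code in stages and loads it directly into memory for execution, leaving no visible files on the device, which makes it highly stealthy.
One of the malware's core functions is cryptocurrency mining: it embeds an XMRig miner compiled for ARM devices that silently connects in the background to a mining server controlled by the attackers. The program monitors battery level, temperature and device usage state, dynamically adjusts its mining behaviour to evade detection, and bypasses Android's background process management by playing a silent audio file in a loop.
Some variants also embed a banking trojan that can overlay a fake page on the USDT transfer screens of a certain CEX and a certain wallet and silently replace the recipient address. In addition, the malware supports a range of remote-control commands, including audio recording, screen capture, keylogging and remote device locking.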